Per-session MCP tool surface (JSON-RPC 2.0)
JSON-RPC 2.0 over HTTP POST. Exposes workflow tools, A2A peer agents as tools, and agent memory tools to running agent subprocesses.

Supported methods:
- `initialize` - protocol handshake, advertises `tools` capability.
- `notifications/initialized` - client readiness signal; no response (202).
- `tools/list` - lists tools available for this session.
- `tools/call` - invokes a tool by name with arguments.

Server-injected context: memory tools (`af_memory_recall`, `af_memory_remember`) and graph tools (`graph_*`) have their `context` argument overwritten from the authenticated session to prevent cross-tenant access.

Auth: `Bearer rsk_*` via `getCliOrSessionAuth`. The authenticated org must match the session's `organizationId`.

JSON-RPC error codes:
- `-32700` Parse error
- `-32601` Method not found / ToolNotFoundError
- `-32602` Invalid params
- `-32603` Internal error
- `-32003` Rensei auth-denied (ToolNotAuthorizedForSessionError)
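The tenant-binding rule above, sketched as an added example (not Rensei's code): a `tools/call` dispatcher that answers an org mismatch with `-32003` and overwrites any client-supplied `context` on memory and graph tools. `handleToolsCall`, the auth and session object shapes, the fields placed in `context`, and the `echo` tool are assumptions.

```javascript
// Added example, not the project's code. Tool names, error codes and the
// overwrite rule are from the page; every other name and shape is assumed.
const isContextBound = (name) =>
  name === "af_memory_recall" || name === "af_memory_remember" || name.startsWith("graph_");

const rpcError = (id, code, message) => ({ jsonrpc: "2.0", id, error: { code, message } });

function handleToolsCall(req, auth, session, tools) {
  const id = req.id ?? null;
  // The authenticated org must match the session's organizationId.
  if (!auth || auth.organizationId !== session.organizationId) {
    return rpcError(id, -32003, "Tool not authorized for session");
  }
  const params = req.params;
  if (!params || typeof params.name !== "string") {
    return rpcError(id, -32602, "Invalid params");
  }
  // A Map lookup cannot resolve inherited names such as "constructor".
  const tool = tools.get(params.name);
  if (!tool) return rpcError(id, -32601, "Tool not found");
  const args = params.arguments ?? {};
  if (typeof args !== "object" || Array.isArray(args)) {
    return rpcError(id, -32602, "Invalid params");
  }
  // Overwrite, never merge: the caller's `context` is discarded entirely.
  const context = { organizationId: session.organizationId, sessionId: session.id };
  const safeArgs = isContextBound(params.name) ? { ...args, context } : args;
  try {
    return { jsonrpc: "2.0", id, result: tool(safeArgs) };
  } catch {
    return rpcError(id, -32603, "Internal error");
  }
}

// Constructed sample data: two tenants, one session owned by org_A.
const session = { id: "sess_A", organizationId: "org_A" };
const memory = { org_A: ["note for A"], org_B: ["note for B"] };
const tools = new Map([
  ["af_memory_recall", (a) => memory[a.context.organizationId] ?? []],
  ["echo", (a) => a], // hypothetical tool with no injected context
]);
// Request whose arguments name another tenant in `context`.
const crossTenant = {
  jsonrpc: "2.0", id: 1, method: "tools/call",
  params: { name: "af_memory_recall", arguments: { context: { organizationId: "org_B" } } },
};
console.log(handleToolsCall(crossTenant, { organizationId: "org_A" }, session, tools));
```

The design point is that the context is replaced wholesale rather than validated or merged, so no field the caller sends can survive into the tool call.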
Authorization
rsk_ (Bearer): Rensei API key. Format: `rsk_live_<random>`. Generated in Settings or via `POST /api/org/{orgId}/keys`. Used by CLI (`af`), daemon, and programmatic integrations.
In: header
Path Parameters
Request Body
application/json
Response Body
application/json
```bash
curl -X POST "https://example.com/api/mcp/string" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "method": "initialize"
  }'
```

```json
{
  "jsonrpc": "2.0",
  "id": "string",
  "result": null,
  "error": {
    "code": 0,
    "message": "string",
    "data": null
  }
}
```

```json
{
  "error": "Session not found"
}
```

Per-workspace JWKS for audit signature verification
Fully unauthenticated. Returns all Ed25519 public keys (active and revoked) for the workspace so external auditors can verify audit event signatures without Rensei systems.

- Supports both `/{workspace_id}` and `/{workspace_id}.json` paths.
- Unknown workspaces return `{ keys: [] }` with status 200 (no workspace-existence leakage via status code).
- Caching: `public, max-age=300, stale-while-revalidate=3600` + ETag.
- CORS: `access-control-allow-origin: *`.
API Key Authentication
rsk_ API key management.